A recent Report to Congress from the Office of Inspector General (OIG) of the Intelligence Community addresses barriers to information sharing that Congress sought to promote in landmark 2015 legislation. This report may have...more
WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The proposed rule primarily...more
As we enter the New Year, Wiley has looked back at the top cyber issues for 2023 and what they mean for 2024. Last year, we saw the rollout of the National Cybersecurity Strategy—which outlined a new era of cyber oversight—as...more
1/3/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Environmental Protection Agency (EPA) ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Trade Commission (FTC) ,
FISA ,
NIST ,
NSTAC ,
NYDFS ,
OMB ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
TSA
WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth the requirements for its long-anticipated Cybersecurity Maturity Model Certification 2.0 (CMMC) program. The proposed rule primarily...more
For most filers, the U.S. Securities and Exchange Commission’s (SEC) new Form 8-K rules for reporting material cybersecurity incidents took effect yesterday, December 18, 2023. The rule has been controversial and created some...more
On December 14, 2023, the House of Representatives passed the National Defense Authorization Act for Fiscal Year 2024 (NDAA), following the Senate’s passage a few days earlier. The President is expected to sign the NDAA into...more
12/19/2023
/ Artificial Intelligence ,
China ,
Cuba ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Drones ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Federal Information Security Modernization Act (FISMA) ,
FISA ,
Greenhouse Gas Emissions ,
Information and Communication Technology (ICT) ,
National Security ,
NDAA ,
Software ,
Subcontractors ,
Supply Chain ,
Unmanned Aircraft Systems ,
US State Departments
Last week, the House Select Committee on the Strategic Competition between the United States and the Chinese Communist Party (Select Committee) issued a comprehensive new bipartisan report, including almost 150 policy...more
12/19/2023
/ Bureau of Industry and Security (BIS) ,
CFIUS ,
China ,
Competition ,
Department of Defense (DOD) ,
FCC ,
FIRRMA ,
Foreign Adversaries ,
Foreign Investment ,
NDAA ,
Popular ,
Tariffs ,
Technology ,
U.S. Commerce Department
There has been a lot of coverage about the Federal Communications Commission’s (FCC and Commission) new and expansive data breach notification Order, approved on a 3-2 vote at the Commission’s December 13 Open Meeting. Much...more
The cyber reporting landscape is rapidly shifting. Many agencies are developing rules, and a major player has been the U.S. Securities and Exchange Commission (SEC), with important questions arising about implementation of...more
12/14/2023
/ Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
National Security ,
Public Disclosure ,
Public Safety ,
Risk Management ,
Securities and Exchange Commission (SEC)
As heated debate continues over possible changes to the Foreign Intelligence Surveillance Act (FISA), which is poised to expire later this month, we wanted to provide some perspective on a few practical issues. As former DOJ...more
12/13/2023
/ Cyber Threats ,
Data Collection ,
Department of Justice (DOJ) ,
Electronic Communications ,
Espionage ,
FBI ,
FISA ,
Intellectual Property Protection ,
National Security ,
NDAA ,
Popular ,
Senate Judiciary Committee ,
Surveillance
On December 8, 2023, the Federal Communications Commission (FCC or Commission) released its anticipated information collection to update the Commission’s records regarding the foreign ownership of international Section 214...more
On December 18, the Securities and Exchange Commission's (SEC) new disclosure requirements go into effect and will require public companies to publicly report material cybersecurity incidents within four days of making a...more
12/12/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
Governance Standards ,
National Security ,
Public Safety ,
Publicly-Traded Companies ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
Federal Communications Commission (FCC or Commission) Chairwoman Jessica Rosenworcel issued a Press Release yesterday announcing that the agency’s Privacy and Data Protection Task Force (Task Force) signed Memoranda of...more
12/8/2023
/ Communications Act of 1934 ,
Customer Proprietary Network Information (CPNI) ,
Data Privacy ,
Data Security ,
Enforcement ,
FCC ,
Federal Trade Commission (FTC) ,
Investigations ,
Memorandum of Understanding ,
Notice of Inquiry ,
Telecommunications
The Black Cat/ALPHV ransomware group filed a complaint with the U.S. Securities and Exchange Commission (SEC) to allege that one of their victims failed to disclose a cyberattack to the SEC within four days, reports Bleeping...more
The Office of the U.S. Trade Representative on Wednesday, October 25, rescinded its support for e-commerce proposals already advanced in World Trade Organization (WTO) negotiations, undermining the ongoing talks among 90 WTO...more
WHAT: As we previously reported here, on October 3, 2023, the Federal Acquisition Regulatory Council (FAR Council) proposed a pair of major cybersecurity rules intended to implement key parts of President Biden’s May 2021...more
10/12/2023
/ Cloud Computing ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
DFARS ,
Executive Orders ,
FBI ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Information Technology ,
Internet of Things ,
Software ,
Subcontractors
A recent spate of successful legal challenges has provided some relief from the ever-swelling wave of state privacy laws. The legal bases of these challenges vary, but taken together, they highlight that state privacy laws –...more
10/6/2023
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
COPPA ,
Corporate Counsel ,
Data Collection ,
Data Management ,
Data Protection Impact Assessments (DPIAs) ,
First Amendment ,
New Regulations ,
Online Safety for Children ,
State Privacy Laws
Information sharing has seemed like the “holy grail” of federal cyber policy: sought after but elusive, especially to those who think it will solve their problems. At a time of increased regulation and looming mandates for...more
Wiley’s cyber team talks about cyber incident reporting after a new report from DHS advising Congress on duplication of reporting regimes. With over 50 reporting requirements spread over 20 agencies, federal agencies and the...more
On Thursday, September 28, 2023, the Federal Communications Commission (FCC or Commission) released a draft Notice of Proposed Rulemaking (NPRM) that, if adopted, would comprehensively regulate broadband in the United States....more
10/2/2023
/ Business Conduct Standards ,
Communications Act 2003 ,
Cyber Threats ,
Cybersecurity ,
FCC ,
Infrastructure ,
Internet Service Providers (ISPs) ,
Net Neutrality ,
NPRM ,
Open Internet Rules ,
Telecommunications ,
Title I ,
Title II
On day two of Mobile World Congress (MWC), CTIA hosted a panel on “Promoting Security in a 5G World.” The panel discussed ongoing efforts by regulators and the ways that the wireless industry is responding to a changing...more
9/29/2023
/ 5G Network ,
Customer Proprietary Network Information (CPNI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Harmonization Rules ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NIST ,
Popular ,
Telecommunications ,
Wireless Industry ,
Wireless Technology
On September 19, 2023, the Department of Homeland Security (DHS) released a Report to Congress (Report) on the Harmonization of Cyber Incident Reporting to the Federal Government. The Report reflects on the 52 in-effect or...more
Next week in Las Vegas, the Mobile World Congress (MWC) will bring together policymakers, industry experts, and stakeholders across the wireless ecosystem to discuss critical issues impacting the industry. Hosted by trade...more
The Federal Communications Commission’s (FCC or Commission) Office of International Affairs (OIA) recently released an Order in the agency’s ongoing proceeding related to its adoption of an Order and Notice of Proposed...more
In a new Notice of Proposed Rulemaking (NPRM), the Federal Communications Commission (FCC) imposes a short comment deadline for a complex new cybersecurity labeling regime for Internet of Things (IoT) devices. The NPRM also...more